Web3 Scams & Phishing
Drainers, fake support, "airdrops", advance-fee donor scams.
Why Web3 is a phishing paradise
Transactions are irreversible. There is no "fraud department" to call. Attackers know this and have built mature, productized scam infrastructure: drainer kits, fake support networks, lookalike domains, malicious ads, deepfaked founder voices on calls.
Wallet drainers
A drainer is a malicious smart contract / dApp pattern designed to extract maximum value from a victim wallet in a single (or very few) signatures. They appear as:
Fake support DMs
You post in a real project's Discord asking for help. Within minutes, a "moderator" DMs you with a friendly tone and a link to "validate" your wallet. It is always a scam. No real support team initiates DMs; no real team needs your seed phrase.
"Airdrops" and "claims"
Donor and grant scams targeting NGOs
NGOs have become a specific target: attackers create plausible "donor" personas offering large crypto grants, sometimes referencing real foundations. The pattern almost always involves:
A real donor never asks you to pay first or connect your treasury to an unfamiliar dApp. When in doubt, verify out-of-band with the funder using a phone number / address from their official website.